VYPR

Business Intelligence

by Magzter

CVEs (3)

  • CVE-2020-19587Sep 14, 2022
    risk 0.00cvss epss 0.01

    Cross Site Scripting (XSS) vulnerability in configMap parameters in Yellowfin Business Intelligence 7.3 allows remote attackers to run arbitrary code via MIAdminStyles.i4 Admin UI.

  • CVE-2020-19586Sep 14, 2022
    risk 0.00cvss epss 0.01

    Incorrect Access Control issue in Yellowfin Business Intelligence 7.3 allows remote attackers to escalate privilege via MIAdminStyles.i4 Admin UI.

  • CVE-2014-7325Oct 19, 2014
    risk 0.00cvss epss 0.00

    The Business Intelligence (aka com.magzter.businessintelligence) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.